Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/FLIn1OHaRVj2_cfJHSpxDqa3xHw.roa
File: FLIn1OHaRVj2_cfJHSpxDqa3xHw.roa (raw, json)
Hash identifier: WkdwFhhvssPk4uY0t+vamez77z3OlyaUTFlirshwiR8=
Subject key identifier: 14:B2:27:D4:E1:DA:45:58:F6:FD:C7:C9:1D:2A:71:0E:A6:B7:C4:7C
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 018CC64B63FC88C2159984D62D4F81C8BFA3
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/FLIn1OHaRVj2_cfJHSpxDqa3xHw.roa
Signing time: Mon 01 Jan 2024 18:31:18 +0000
ROA not before: Mon 01 Jan 2024 18:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.153.124.0/24 maxlen: 24
91.217.162.0/24 maxlen: 24
91.217.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 02:15:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:63:fc:88:c2:15:99:84:d6:2d:4f:81:c8:bf:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Jan 1 18:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14b227d4e1da4558f6fdc7c91d2a710ea6b7c47c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ee:7e:3b:a5:5b:bd:de:13:e0:8c:df:ae:99:
82:bb:bc:46:d6:d3:55:e0:9e:75:af:35:d6:66:10:
fa:70:fa:59:ff:1b:6c:e3:22:95:38:b7:7a:dc:27:
75:e1:9c:72:ec:c6:1e:c8:79:f1:19:4f:71:58:a9:
02:62:94:d5:a0:64:d8:fb:02:af:e1:17:94:b5:2d:
5c:3e:68:a5:46:e4:5c:4b:4f:30:9a:fb:f3:13:bf:
d3:f4:cd:12:97:cd:d8:79:3f:8f:88:d2:c8:62:59:
91:f8:71:9f:5c:ae:5e:a9:6b:e1:4d:c3:e0:d3:d4:
ac:83:cd:79:0d:2d:a6:20:06:eb:73:9d:f1:36:de:
88:6c:2f:8d:cb:71:a7:57:18:e0:ca:f3:9b:60:a9:
60:e0:80:30:b5:3b:d6:21:d2:ae:ff:f2:fa:4c:ed:
e1:c6:0c:9e:cb:3d:8b:98:fa:e9:05:e2:2e:9f:45:
a2:cf:0d:c6:94:18:bb:cc:df:11:c5:4f:24:57:64:
e9:ee:47:3c:cb:11:94:93:60:be:8d:11:58:fc:3b:
cb:5a:36:e1:cb:ca:4e:90:d2:39:81:09:ef:55:8f:
72:f8:3d:e2:4c:c2:f4:62:82:a8:27:da:e8:a8:af:
02:44:23:1d:d0:04:3a:50:02:ee:39:01:3f:36:d4:
97:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B2:27:D4:E1:DA:45:58:F6:FD:C7:C9:1D:2A:71:0E:A6:B7:C4:7C
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/FLIn1OHaRVj2_cfJHSpxDqa3xHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.124.0/24
91.217.162.0/24
91.217.167.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a6:e1:8d:1e:7b:a8:ea:da:b6:46:f7:dc:ad:36:b2:a5:ff:
68:dd:6b:09:38:ba:8f:ed:93:99:ac:ba:a8:b1:af:a5:39:a0:
bf:97:95:e9:d3:71:24:6c:1d:ae:ba:9e:d6:74:02:bc:2c:4c:
97:fe:1a:f3:11:87:0e:48:88:74:81:a8:24:a3:df:f4:3d:56:
eb:80:dc:e5:c8:73:48:2e:b7:45:2b:39:e4:cf:7e:1e:89:2f:
fd:64:57:f3:40:0d:a7:aa:ee:0a:dd:1c:04:06:58:de:cb:85:
05:be:5f:fe:7b:c0:16:d4:1b:f1:58:d9:0c:4e:23:83:b3:13:
83:8d:99:6a:7d:38:a4:d0:59:e3:7c:37:95:31:2d:e1:81:10:
74:82:97:a0:d0:27:bd:af:4d:95:22:f4:8f:47:79:34:75:cb:
80:fb:d4:43:82:a8:70:0f:38:3d:13:8d:08:75:34:3a:08:11:
fd:f8:71:da:b4:df:71:cf:3a:9f:f1:58:f8:1f:60:a7:53:77:
21:ee:c0:d6:4c:73:c3:03:36:59:80:e9:80:d1:7b:78:4c:eb:
48:f5:76:96:e6:f1:31:43:27:1e:24:78:2c:da:76:fe:d2:7e:
2a:bb:07:8a:c8:96:20:dd:01:58:5f:e2:be:e3:19:71:30:66:
53:b9:f4:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGS2P8iMIVmYTWLU+ByL+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjQwMTAxMTgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGIyMjdkNGUxZGE0NTU4ZjZmZGM3YzkxZDJhNzEwZWE2YjdjNDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+5+O6Vbvd4T4IzfrpmCu7xG1tNV
4J51rzXWZhD6cPpZ/xts4yKVOLd63Cd14Zxy7MYeyHnxGU9xWKkCYpTVoGTY+wKv
4ReUtS1cPmilRuRcS08wmvvzE7/T9M0Sl83YeT+PiNLIYlmR+HGfXK5eqWvhTcPg
09Ssg815DS2mIAbrc53xNt6IbC+Ny3GnVxjgyvObYKlg4IAwtTvWIdKu//L6TO3h
xgyeyz2LmPrpBeIun0Wizw3GlBi7zN8RxU8kV2Tp7kc8yxGUk2C+jRFY/DvLWjbh
y8pOkNI5gQnvVY9y+D3iTML0YoKoJ9roqK8CRCMd0AQ6UALuOQE/NtSXswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBSyJ9Th2kVY9v3HyR0qcQ6mt8R8MB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvRkxJbjFPSGFSVmoyX2NmSkhTcHhEcWEzeEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZl8AwQA
W9miAwQAW9mnMA0GCSqGSIb3DQEBCwUAA4IBAQAWpuGNHnuo6tq2RvfcrTaypf9o
3WsJOLqP7ZOZrLqosa+lOaC/l5Xp03EkbB2uup7WdAK8LEyX/hrzEYcOSIh0gagk
o9/0PVbrgNzlyHNILrdFKznkz34eiS/9ZFfzQA2nqu4K3RwEBljey4UFvl/+e8AW
1BvxWNkMTiODsxODjZlqfTik0FnjfDeVMS3hgRB0gpeg0Ce9r02VIvSPR3k0dcuA
+9RDgqhwDzg9E40IdTQ6CBH9+HHatN9xzzqf8Vj4H2CnU3ch7sDWTHPDAzZZgOmA
0Xt4TOtI9XaW5vExQyceJHgs2nb+0n4quweKyJYg3QFYX+K+4xlxMGZTufTT
-----END CERTIFICATE-----
Generated at Wed Feb 21 03:03:58 2024 by rpki-client on console-fra.rpki-client.org